Monthly Archive for June, 2014

There’s a new wizard in town and I don’t mean Gandalf the White! The Website Defacement Wizard is a new wizard available in the latest release of Nagios XI 2014.

One of the worst things a company can suffer PR-wise is website defacement. At best, it will require restoring the page, and at worst it can be a nightmare of log review, security patches, and damage control. Time is of the essence in such a situation, so being alerted as soon as possible is of utmost importance. That’s where the Website Defacement Wizard comes in handy.

The Website Defacement Wizard allows you to monitor a web page for certain keywords, either alerting if they are present in the case of offensive or spam-related words, or alerting if they are missing, which may indicate a whole-page defacement. We provide a few pre-defined lists of words you may wish to look for, sorted into categories such as Profanity and Gambling. You can also add your own words or phrases, or remove certain words if they might be expected on the page (such as “unisex” on a page discussing clothing). If you would rather check to ensure the existence of a word or phrase, the process is similar and will be described in this article.

So without further delay, let’s walk through setting up a check:

In the Nagios XI interface, go to the Configure tab and click Run the Monitoring Wizard. Scroll all the way down the page and click Website Defacement.

The JSON CGIs, from the JSON branch of core, have been officially released with Nagios Core 4.0.7!

The original design goals were:

To provide all information available in current CGIs in JSON format.

Place the presentation responsibility on the client to minimize network traffic and server load.

Perform operations on the server side that are significantly more easily done there.

Spark community developers to create new Nagios Core UI’s from the easy to work with JSON from the CGIs.

The CGIs provide an API to query object, status, and historical information through GET requests. They use the same authentication as other CGIs. Once queried, they return valid JSON that can be parsed into JavaScript objects for client side models and processing. The API is very robust, providing multiple ways to limit queries – name/descriptions, host/service groups, update/changes times, among many others.

The three new CGIs are:

objectjson.cgi (object configuration)

statusjson.cgi (status information)

archivejson.cgi (historical logs)

Additionally, a new web app is included – jsonquery.html & jsonquery.js. This is a small UI for crafting GET requests, it can be used to trial specific parameters for GET requests, or to just explore the api. It is also the easiest way to get acquainted with the new CGIs.